Let’s take a second to step back into reality, suspending the influence of the Silicon Valley’s hype machine, and taking the time to analyze the current situation of the Internet of Things (IoT). If I had to give Silicon Valley a grade for how well they’ve influenced consumer’s awareness of the IoT, it would be an “F,” and I don’t think I would be the only person to deliver that evaluation. Overall, Silicon Valley has failed to maintain the excitement around the “The Internet of Things,” with consumers understanding very little about how these connected devices benefit them, and more importantly, not really caring. Before you can convince the world that a network of connected devices is the future of productivity, you first have to convince them of some smaller, more tangible points.
If you’re [Silicon Valley] going to take on the task of connecting every device known to man, I think it would be a good idea to start with trying to make devices more accessible to connect to a network. My background is littered with networking horror stories from a variety of consumer electronics retailers, and right now, consumer’s frustration level with basic networking could potentially be the single most significant hurdle to a world of connected devices. The “Networking Equipment” category is consistently one of the most frustrating for retailers, with return rates always ranking among the highest in store, and it poses a customer service nightmare for every party involved.
You see, networking is one of the only categories in retail that enlist more than two parties to safely and securely create a home network. A best-case scenario limits the interactions to three entities: the retailer who sold the connected device, the internet service provider (ISP), and the manufacturer of the networking equipment. Any business transaction involving more than two parties opens itself up to a plethora of problems (I’m looking at you Uber), and in this case, three is definitely a crowd.
To alleviate this problem, manufacturers of networking equipment have decided the most natural thing to do is engineer themselves across the finish line (typical response from geeks). Innovation after innovation has been applied to networking equipment, starting with connection wizards, peeking with Wi-Fi Protected Setup (WPS), and sadly ending with auto-connecting mesh routers. Personally, I probably would have given up when consumers weren’t able to figure out one-touch connections with WPS, but the industry keeps trudging along.
When customers can successfully connect the latest generation of connected devices, things haven’t always gone as planned, as demonstrated by a string of highly publicized security breaches dominating the headlines. In October of 2016, one of the most significant internet outages ever witnessed was caused by hacked IoT devices. 2017 was ushered in by the release of Brickerbot, an attack specifically designed to permanently disable poorly designed IoT devices, a process known as “bricking.” All of these security snafus are linked to one specific manufacturing goal – maintaining the bottom line.
Manufacturing IoT devices happen in the manner as any other product, which means manufacturers adhere to the same priorities, with the goal being to manufacture these products at the lowest possible price point; This translates into lower memory capacity, less built-in security, and minimal investment devoted to human IT resources. The result has been a large quantity of these devices shipping with their default configuration and customers who don’t possess the knowledge or patience to change their configurations leaving them as is.
So what’s wrong with the default configuration? To put this into layman’s terms, it’s the equivalent of breaking the first rule of Fight Club. Everyone knows the rule, it should be easy to follow, but it continues to be broken. The first rule of internet security is “never leave your device’s username and password on the default settings,” as doing this creates opportunities for anyone who can read an instruction manual to access the device [you should be thinking about your security right now].
I’m not here to bitch-n-moan about the world without offering up some solutions. As a former corporate trainer in the consumer electronics space, I understand the importance of consumer education and how much better off a situation can become by applying a bit of knowledge to it. RTR Digital offers a Networking Basics course at our learning site, RTR Learning, but if you’re not going to enroll, we’ll still provide some basic tips.
– Change the Default Settings – Every device is shipped with a default username and password (usually on a sticker on the device) as a way for users to access the setup menu, configure the device, and then change the password so no one else can access the administrator settings. Never leave the username or password set to “admin” or “password1234”.
– Name Your Wireless Network Something Abstract – When configuring your wireless network, don’t include any personally identifiable information (e.g., name, street number, house color). If someone is determined to access a network, physical proximity is the key, and associating the network work with its location is giving up way too much information.
– Use the Guest Network Feature – Setting up a guest network is a feature on almost all modern networking equipment – use it. The guest network feature enables you to hand out the password to your wireless network without exposing your personal information in the process. Devices on the guest network are given internet access but are in a separate part of the network from the devices connected to the primary network.
– Create Unique Passwords – When creating passwords, every device should have a different password, which means you can’t use your kids’ birthdays every time. It may seem like a hassle, but to make it easier, you should come up with a system that enables you to remember them. You can try something like the first three letters of the manufacturer’s name, followed by the purchase month and year of the device.
Ultimately, it’s up to retailers, manufacturers, and consumers to take control of their own responsibilities when dealing with connected devices. There are three parties involved in the future of the IoT, and all three of them have to decide how bad they want the world that is promised to them. Feel free to leave comments or questions on this post, and we’ll be sure to respond.